On Fri, Jan 30, 2009 at 4:40 AM, Benjamin Henne <he...@rvs.uni-hannover.de> wrote: > >> 1. How to set up a VOMS Server which issues SAML based assertions >> instead of AC ? > > To get SAML assertions containing the VOMS information you extent your > existing VOMS installation by adding the VOMS SAML service. Originally > the service was standalone, but it will be integrated with VOMS-Admin. > VOMS-Admin is going to be the container for all the WS effort around > VOMS. Version 2.0.17 shall be the first release containing the VOMS SAML > endpoint. It was originally scheduled for this month, but seems not to > be released yet. Maybe you can get it from CVS.
What about the client side? Will the voms-proxy-init tool be extended to support this new server-side option? If so, can you provide a pointer? The reason I ask is because a VOMS-SAML token bound to a proxy certificate MUST contain a <ds:X509SubjectName> element in its <saml:SubjectConfirmation> element. Do we know if this is the case? Thanks, Tom
